Lucene search
China National Vulnerability DatabaseCNVD-2022-68882HistoryMay 16, 2022 - 12:00 a.m.
MediaWiki SQL Injection Vulnerability
2022-05-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.002 Low
EPSS
Percentile
52.3%
MediaWiki is a set of web-based wiki engines from the U.S. Wikimedia (MediaWiki) Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.37.2 and earlier, which stems from a SemanticDrilldown extension that allows SQL injection using specific “-” and “_”. An attacker could exploit this vulnerability to conduct SQL injection attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mediawiki mediawiki | le | 1.37.2 |
Related
cve
cve
CVE-2022-29904
2022-04-29 04:15:10
veracode
veracode
SQL Injection
2022-05-04 11:57:53
osv
osv
BIT-mediawiki-2022-29904
2024-03-06 11:05:43
CVE-2022-29904
2022-04-29 04:15:10
prion
prion
Sql injection
2022-04-29 04:15:00
cvelist
cvelist
CVE-2022-29904
2022-04-29 03:43:51
checkpoint_advisories
checkpoint_advisories
MediaWiki Semantic Drilldown SQL Injection (CVE-2022-29904)
2022-05-23 00:00:00
nvd
nvd
CVE-2022-29904
2022-04-29 04:15:10